The "Measures for Cybersecurity Review" will come into force today

　　The "Measures for Cybersecurity Review" revised by 13 departments including the Cyberspace Administration of China and the National Development and Reform Commission will come into effect today (15th).

　　Li Xueying, member of the National Information Security Standardization Technical Committee: The revised "Measures" not only added network platform operators, but also added a number of data security-related clauses, paying more attention to data security, covering a wider range of objects, and reviewing Indicators are more quantitative.

　　Experts said that the "Measures" include situations such as network platform operators' data processing activities that affect or may affect national security into the network security review, and make it clear that network platform operators who have personal information of more than 1 million users must report to network security when listing abroad. The Office of Review declares a cybersecurity review.

　　Fan Yuan, member of the Standing Committee of the Security Committee of the China Computer Federation: There may be the following three situations when applying for a cybersecurity review: First, no review is required; second, after the review is initiated, if it is judged that it does not affect national security, it can continue to go abroad for listing procedures; third, After the review is initiated, if it is judged that it affects national security, it is not allowed to go public abroad.

　　The "Measures" require that critical information infrastructure operators who purchase network products and services should pre-judge the national security risks that may arise after the products and services are put into use.

If it affects or may affect national security, a cybersecurity review shall be reported to the Cybersecurity Review Office.

　　Huang Min, member of the National Information Security Standardization Technical Committee: Data security has become an important part of national security, and it is necessary to focus on preventing the risk of critical information infrastructure, core data, important data or a large amount of personal information being influenced, controlled and maliciously used by foreign governments. And the harm of supply interruption to the continuity of the country's key information infrastructure such as energy, transportation, water conservancy, national defense technology, etc.